Eric Dumazet wrote:
: > There probably can be some other iptables commands running
: > occasionally (automatic blacklisting of some IP addresses, enabling
: > traffic to authenticated laptops, etc.), but not in the chains I am
: > trying to modify with my firewall initscript. Can this also be a problem?
:
: Yes it is a problem. iptables manipulates the whole table, not a
: subtree.
So do you suggest I should implement some kind of user-space
locking, or is the current approach of "retry after 1 sec when it fails"
OK from the kernel point of view?
Thanks,
-Yenya
--
| Jan "Yenya" Kasprzak <kas at {fi.muni.cz - work | yenya.net - private}> |
| GPG: ID 1024/D3498839 Fingerprint 0D99A7FB206605D7 8B35FCDE05B18A5E |
| http://www.fi.muni.cz/~kas/ Journal: http://www.fi.muni.cz/~kas/blog/ |
Please don't top post and in particular don't attach entire digests to your
mail or we'll all soon be using bittorrent to read the list. --Alan Cox
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
